drbg: allow the ctr derivation function to be disabled in FIPS mode

Word from the lab is:

    The use of the derivation function is optional if either an approved
    RBG or an entropy source provides full entropy output when entropy
    input is requested by the DRBG mechanism. Otherwise, the derivation
    function shall be used.

So our disallowing it's use was more than required.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16096)

diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c
index 458feca6a5e98e90719c2c59652feed02c48aed6..dbe57b0d2898df28da08d81901ec3ee225b98c68 100644 (file)
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -496,13 +496,6 @@ static int drbg_ctr_init_lengths(PROV_DRBG *drbg)
     PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data;
     int res = 1;
 
-#ifdef FIPS_MODULE
-    if (!ctr->use_df) {
-        ERR_raise(ERR_LIB_PROV, RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS);
-        ctr->use_df = 1;
-        res = 0;
-    }
-#endif
     /* Maximum number of bits per request = 2^19  = 2^16 bytes */
     drbg->max_request = 1 << 16;
     if (ctr->use_df) {
@@ -730,14 +723,7 @@ static const OSSL_PARAM *drbg_ctr_settable_ctx_params(ossl_unused void *vctx,
     static const OSSL_PARAM known_settable_ctx_params[] = {
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
         OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_CIPHER, NULL, 0),
-#ifndef FIPS_MODULE
-        /*
-         * Don't advertise this for FIPS, it isn't allowed to change.
-         * The parameter can still be passed and will be processed but errors
-         * out.
-         */
         OSSL_PARAM_int(OSSL_DRBG_PARAM_USE_DF, NULL),
-#endif
         OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON,
         OSSL_PARAM_END
     };